1. Field of the Invention
The present invention relates to a user authentication technique using a face image, and in particular to a technique effectively applicable to a portable terminal.
2. Description of the Related Art
In recent years, functions of the portable terminals (mobile phones, PDAs (Personal Digital Assistant), etc.) have been remarkably improved and have gained popularity. Electronic mail and Internet connectivity are becoming standard programs (functions) offered in many cases. Even terminals having electronic money transfer programs or terminals that can function as an IC card have been spreading in the market. These functions handle personal information and very important data such as electronic money. Therefore, security measures to prevent illegal use of the terminals and data leakage is actively being researched.
As a security measure for the portable terminals, “face authentication techniques” using a camera are currently under study. A “face authentication technique” capable of picking up the face image of a holder and identifying the holder (user authentication) is highly convenient. With mobile phones having a camera as standard equipment in many cases, another advantage is that the addition of special hardware is not required.
On the other hand, the user authentication device or system using the face image often encounters a problem of “spoofing”. Spoofing is an act by a person that is not the legitimate holder, who attempts to be authenticated using a face photo of the legitimate holder.
A bag with a portable terminal therein, which may be stolen by snatching for example, or otherwise, often contains a card with a face photo such as a license or a student identification card. If one is able to easily fool the system using such a face photo, cases of illegal use may increase. This is especially likely given that portable terminals currently available are equipped with a camera of a mega pixel class, which have a variety of functions including auto focusing, macro imaging (close-up imaging) and zooming (enlarging the object), even a photo as small as an ID photo may contribute to spoofing of the system.
One idea known to obviate spoofing, is a method in which the user is required to perform a predetermined motion and it is determined whether the user has performed the motion meeting the requirement or not. In this method the dynamic image is used and therefore, the size of the comparison data required is large.
Another idea, is a method in which images are picked up a plurality of times under different lighting conditions, and by checking the shadows of the face, spoofing with the photo is prevented. This method, however, requires lighting equipment having sufficient luminance and therefore, it is difficult to incorporate into a portable terminal. In addition, each time user authentication is required, the light is turned on (i.e., each time the user tries to use the portable terminal) thereby inconveniencing the user.